• umami_wasabi@lemmy.ml
    link
    fedilink
    arrow-up
    5
    arrow-down
    4
    ·
    1 year ago

    I wonder how they did it. The sync data is supposed to be protected by E2EE where the key is derived from the user password or an separate sync password, at least before I abandon Chrome and go FF few years ago.

    • Platform27@lemmy.ml
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      1 year ago

      Last I looked, Chrome’s sync is not E2EE. Next to nothing (user space) is E2EE, in Google’s ecosystem. By default it’s only Encryption in Transit. I think you can enable a Passphrase (encryption on device), but that’s optional.

    • ChaoticNeutralCzech@feddit.de
      link
      fedilink
      arrow-up
      5
      arrow-down
      2
      ·
      1 year ago

      Encrypted between… Chrome and Chrome? Two installations of Google’s non-FOSS browser? You never really had control over that data.